1 |
commit: cb12d2245f1dbc1579209a8c60903d3163a72419 |
2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri May 3 13:13:02 2019 +0000 |
4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 3 13:13:02 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb12d224 |
7 |
|
8 |
net-misc/dhcpcd: Security cleanup |
9 |
|
10 |
Bug: https://bugs.gentoo.org/684430 |
11 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
12 |
Package-Manager: Portage-2.3.62, Repoman-2.3.11 |
13 |
|
14 |
net-misc/dhcpcd/dhcpcd-7.1.1-r1.ebuild | 152 --------------------------------- |
15 |
1 file changed, 152 deletions(-) |
16 |
|
17 |
diff --git a/net-misc/dhcpcd/dhcpcd-7.1.1-r1.ebuild b/net-misc/dhcpcd/dhcpcd-7.1.1-r1.ebuild |
18 |
deleted file mode 100644 |
19 |
index 9c02a7a0ea5..00000000000 |
20 |
--- a/net-misc/dhcpcd/dhcpcd-7.1.1-r1.ebuild |
21 |
+++ /dev/null |
22 |
@@ -1,152 +0,0 @@ |
23 |
-# Copyright 1999-2019 Gentoo Authors |
24 |
-# Distributed under the terms of the GNU General Public License v2 |
25 |
- |
26 |
-EAPI=6 |
27 |
- |
28 |
-inherit systemd toolchain-funcs |
29 |
- |
30 |
-if [[ ${PV} == "9999" ]]; then |
31 |
- inherit git-r3 |
32 |
- EGIT_REPO_URI="https://roy.marples.name/git/dhcpcd.git" |
33 |
-else |
34 |
- MY_P="${P/_alpha/-alpha}" |
35 |
- MY_P="${MY_P/_beta/-beta}" |
36 |
- MY_P="${MY_P/_rc/-rc}" |
37 |
- SRC_URI="https://roy.marples.name/downloads/${PN}/${MY_P}.tar.xz" |
38 |
- KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux" |
39 |
- S="${WORKDIR}/${MY_P}" |
40 |
-fi |
41 |
- |
42 |
-DESCRIPTION="A fully featured, yet light weight RFC2131 compliant DHCP client" |
43 |
-HOMEPAGE="https://roy.marples.name/projects/dhcpcd" |
44 |
-LICENSE="BSD-2" |
45 |
-SLOT="0" |
46 |
-IUSE="elibc_glibc +embedded ipv6 kernel_linux +udev" |
47 |
- |
48 |
-COMMON_DEPEND="udev? ( virtual/udev )" |
49 |
-DEPEND="${COMMON_DEPEND}" |
50 |
-RDEPEND="${COMMON_DEPEND}" |
51 |
- |
52 |
-PATCHES=( |
53 |
- "${FILESDIR}"/${P}-disable_inet6_fix.patch #677508 |
54 |
-) |
55 |
- |
56 |
-src_configure() { |
57 |
- local dev hooks=() rundir |
58 |
- use udev || dev="--without-dev --without-udev" |
59 |
- hooks=( --with-hook=ntp.conf ) |
60 |
- use elibc_glibc && hooks+=( --with-hook=yp.conf ) |
61 |
- use kernel_linux && rundir="--rundir=${EPREFIX}/run" |
62 |
- local myeconfargs=( |
63 |
- --prefix="${EPREFIX}" |
64 |
- --libexecdir="${EPREFIX}/lib/dhcpcd" |
65 |
- --dbdir="${EPREFIX}/var/lib/dhcpcd" |
66 |
- --localstatedir="${EPREFIX}/var" |
67 |
- ${rundir} |
68 |
- $(use_enable embedded) |
69 |
- $(use_enable ipv6) |
70 |
- ${dev} |
71 |
- CC="$(tc-getCC)" |
72 |
- ${hooks[@]} |
73 |
- ) |
74 |
- econf "${myeconfargs[@]}" |
75 |
-} |
76 |
- |
77 |
-src_install() { |
78 |
- default |
79 |
- keepdir /var/lib/dhcpcd |
80 |
- newinitd "${FILESDIR}"/${PN}.initd ${PN} |
81 |
- systemd_dounit "${FILESDIR}"/${PN}.service |
82 |
-} |
83 |
- |
84 |
-pkg_postinst() { |
85 |
- local dbdir="${EROOT%/}"/var/lib/dhcpcd old_files=() |
86 |
- |
87 |
- local old_old_duid="${EROOT%/}"/var/lib/dhcpcd/dhcpcd.duid |
88 |
- local old_duid="${EROOT%/}"/etc/dhcpcd.duid |
89 |
- local new_duid="${dbdir}"/duid |
90 |
- if [[ -e "${old_old_duid}" ]] ; then |
91 |
- # Upgrade the duid file to the new format if needed |
92 |
- if ! grep -q '..:..:..:..:..:..' "${old_old_duid}"; then |
93 |
- sed -i -e 's/\(..\)/\1:/g; s/:$//g' "${old_old_duid}" |
94 |
- fi |
95 |
- |
96 |
- # Move the duid to /etc, a more sensible location |
97 |
- if [[ ! -e "${old_duid}" ]] ; then |
98 |
- cp -p "${old_old_duid}" "${new_duid}" |
99 |
- fi |
100 |
- old_files+=( "${old_old_duid}" ) |
101 |
- fi |
102 |
- |
103 |
- # dhcpcd-7 moves the files out of /etc |
104 |
- if [[ -e "${old_duid}" ]] ; then |
105 |
- if [[ ! -e "${new_duid}" ]] ; then |
106 |
- cp -p "${old_duid}" "${new_duid}" |
107 |
- fi |
108 |
- old_files+=( "${old_duid}" ) |
109 |
- fi |
110 |
- local old_secret="${EROOT%/}"/etc/dhcpcd.secret |
111 |
- local new_secret="${dbdir}"/secret |
112 |
- if [[ -e "${old_secret}" ]] ; then |
113 |
- if [[ ! -e "${new_secret}" ]] ; then |
114 |
- cp -p "${old_secret}" "${new_secret}" |
115 |
- fi |
116 |
- old_files+=( "${old_secret}" ) |
117 |
- fi |
118 |
- |
119 |
- # dhcpcd-7 renames some files in /var/lib/dhcpcd |
120 |
- local old_rdm="${dbdir}"/dhcpcd-rdm.monotonic |
121 |
- local new_rdm="${dbdir}"/rdm_monotonic |
122 |
- if [[ -e "${old_rdm}" ]] ; then |
123 |
- if [[ ! -e "${new_rdm}" ]] ; then |
124 |
- cp -p "${old_rdm}" "${new_rdm}" |
125 |
- fi |
126 |
- old_files+=( "${old_rdm}" ) |
127 |
- fi |
128 |
- local lease= |
129 |
- for lease in "${dbdir}"/dhcpcd-*.lease*; do |
130 |
- [[ -f "${lease}" ]] || continue |
131 |
- old_files+=( "${lease}" ) |
132 |
- local new_lease=$(basename "${lease}" | sed -e "s/dhcpcd-//") |
133 |
- [[ -e "${dbdir}/${new_lease}" ]] && continue |
134 |
- cp "${lease}" "${dbdir}/${new_lease}" |
135 |
- done |
136 |
- |
137 |
- # Warn about removing stale files |
138 |
- if [[ -n "${old_files[@]}" ]] ; then |
139 |
- elog |
140 |
- elog "dhcpcd-7 has copied dhcpcd.duid and dhcpcd.secret from" |
141 |
- elog "${EROOT%/}/etc to ${dbdir}" |
142 |
- elog "and copied leases in ${dbdir} to new files with the dhcpcd-" |
143 |
- elog "prefix dropped." |
144 |
- elog |
145 |
- elog "You should remove these files if you don't plan on reverting" |
146 |
- elog "to an older version:" |
147 |
- local old_file= |
148 |
- for old_file in ${old_files[@]}; do |
149 |
- elog " ${old_file}" |
150 |
- done |
151 |
- fi |
152 |
- |
153 |
- if [ -z "${REPLACING_VERSIONS}" ]; then |
154 |
- elog |
155 |
- elog "dhcpcd has zeroconf support active by default." |
156 |
- elog "This means it will always obtain an IP address even if no" |
157 |
- elog "DHCP server can be contacted, which will break any existing" |
158 |
- elog "failover support you may have configured in your net configuration." |
159 |
- elog "This behaviour can be controlled with the noipv4ll configuration" |
160 |
- elog "file option or the -L command line switch." |
161 |
- elog "See the dhcpcd and dhcpcd.conf man pages for more details." |
162 |
- |
163 |
- elog |
164 |
- elog "Dhcpcd has duid enabled by default, and this may cause issues" |
165 |
- elog "with some dhcp servers. For more information, see" |
166 |
- elog "https://bugs.gentoo.org/show_bug.cgi?id=477356" |
167 |
- fi |
168 |
- |
169 |
- if ! has_version net-dns/bind-tools; then |
170 |
- elog |
171 |
- elog "If you activate the lookup-hostname hook to look up your hostname" |
172 |
- elog "using the dns, you need to install net-dns/bind-tools." |
173 |
- fi |
174 |
-} |